Skills
skills/richfrem/agent-plugins-skills/create-agentic-workflow/Gen Agent Trust Hub

create-agentic-workflow

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a Python script via Bash using arguments derived from user input such as the skill directory and trigger list. This pattern presents a risk of command injection if the input strings contain malicious shell meta-characters.
  • [PROMPT_INJECTION]: The skill processes content from existing skills which introduces an indirect prompt injection vulnerability.
  • Ingestion points: Content is read from the directory path provided by the user (target-skill).
  • Boundary markers: No explicit delimiters are used to encapsulate or ignore instructions within the ingested files.
  • Capability inventory: The skill has access to Bash for executing subprocesses and Write for modifying the filesystem.
  • Sanitization: There are no instructions for validating or sanitizing the content of the target skill files during the conversion process.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 3, 2026, 06:09 PM